Windows 7: The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed)

I began experiencing problems with my Windows 7 PCs not refreshing the Computer Group Policies that I had in place.

SYMPTOMS:

gpupdate /force would report the following:

C:\Users\username>gpupdate /force
Updating Policy…

User Policy update has completed successfully.
Computer policy could not be updated successfully. The following errors were encountered:

The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed).
Look in the details tab for error code and description.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.

The Eventlog would report a similar error

Log Name: System
Source: Microsoft-Windows-GroupPolicy
Event ID: 1006
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Description:
The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

And the Group Policy Results Wizard would report:

Component Status

Group Policy Infrastructure Failed 1/30/2012 3:51:06 PM
Group Policy Infrastructure failed due to the error listed below.

Logon failure: unknown user name or bad password.

Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 1/30/2012 3:51:05 PM and 1/30/2012 3:51:06 PM.

SOLUTION

After much research, I finally came across the fix at Clint Boessen’s Blog

The HOSTS file located in C:\Windows\System32\drivers\etc contained entries for my domain controllers. I simply removed them from the HOSTS file and I was able to refresh my Computer Group Policies.

But, how do you correct multiple PCs that are affected???

Since I was able to refresh User Group Policies without issue, I added a new HOSTS file to a Users Group Policy to push the changes. This prevented me from having to visit many Windows 7 PCs.

About these ads
This entry was posted in Group Policy, Windows 7 and tagged , . Bookmark the permalink.

2 Responses to Windows 7: The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed)

  1. Very nice post. I just stumbled upon your weblog and wanted to say that
    I’ve truly enjoyed browsing your blog posts. After all I will be subscribing to your feed and I hope you write again soon!

  2. It’s an remarkable piece of writing designed for
    all the online visitors; they will take benefit from it I am sure.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s